sub-net routing question

Lennart Sorensen lsorense-1wCw9BSqJbv44Nm34jS7GywD8/FfD2ys at public.gmane.org
Wed Aug 17 22:04:59 UTC 2011


On Wed, Aug 17, 2011 at 05:29:10PM -0400, marthter wrote:
> Yes I realize the three routers in my example network could be
> replaced with three switches, and thus left computer could access
> right computer and vice versa.  But I'm trying to experiment with
> and understand the three-routers example so that later when some
> links are VPN links, I can apply it there.
> 
> My thinking (in the LAN and WAN addresses/netmasks I proposed above)
> is that the middle router could be set so its LAN is set up as the
> big subnet (i.e. with a /16 netmask), and the left and right router
> have their WAN ports as clients of the middle router, and have their
> LAN ports to clients on smaller subnets (i.e. with /24 netmask).

That's NOT a good solution.  It generally doesn't work.  The problem
is that every device in the large subnet connected to the middle router
thinks everything is local for that large subnet, and doesn't know that some
parts of the large subnet are in fact not local but rather behind some
other routers.  Then to solve that, every client in the middle large subnet
needs a route entry for each of the smaller subnets.  That's a mess.

> And I'm thinking (and perhaps this is the wrong part), that it is
> easier/better/cleaner/properer that the two smaller subnets be
> actual SUBNETS OF the big subnet of the middle router.

Only if no devices are directly part of the larger subnet.  So it would
be OK to have:

                     Main router
       +-------------192.168.0.254/24-----------+
       |                   |                    |
       |                   |                    |
192.168.0.1/24        192.168.0.2/24       192.168.0.3/24
Router 1              Router 2             Router 3
192.168.1.254/24      192.168.2.254/24     192.168.3.254/24
  |   |   |              |   |   |            |   |   |
  A1  A2  A3             B1  B2  B3           C1  C2  C3

The default route on Router 0, 1 and 2 is the main router (192.168.0.254).
The default route of clients A1 through A3 would be 192.168.1.254 since
that is their local router.  The main router would have route entries
saying 192.168.1.0/24 is through 192.168.0.1, and similar for the other
two networks.

This way anything from C1 for another subnet will be forwarded by
router 3 to its default gateway (since it doesn't know where A1 is for
example), and then the main router will know that it is through router 1,
so it forwards it there, and router 1 knows where A1 is and sends the
data there.

Now if the main router had a link to someone above it, it would be fine
for the one above it to have a route for 192.168.0.0/16 through main
router, since main router knows where all the 192.168.x.0/24 networks
are and can forward traffic to all of them.

> I'm just saying I don't know if it is valid for the left router's
> LAN address to be 192.168.1.1 with /24 netmask, and its WAN address
> to be 192.168.1.2 with a /16 netmask.

No, it is not.  After all, if it had to send something to 192.168.1.3, would
that be through the LAN or the WAN interface?  It has no way to know.

-- 
Len Sorensen
--
The Toronto Linux Users Group.      Meetings: http://gtalug.org/
TLUG requests: Linux topics, No HTML, wrap text below 80 columns
How to UNSUBSCRIBE: http://gtalug.org/wiki/Mailing_lists
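
The following is an added example, not part of the original message: a small Python model of the routing tables described in the reply, which traces the C1-to-A1 path hop by hop, shows why a host with a /16 mask treats the /24 networks as local, and flags the overlapping LAN/WAN assignment from the last question. The router names follow the diagram; the host addresses 192.168.1.10 (A1) and 192.168.0.50 (a host on the middle network) are assumed for illustration.

```python
import ipaddress as ip

# Routing tables as described in the reply: (prefix, next hop).
# A next hop of None means the prefix is directly connected.
def edge(lan):
    return [("192.168.0.0/24", None), (lan, None), ("0.0.0.0/0", "192.168.0.254")]

TABLES = {
    "main": [("192.168.0.0/24", None), ("192.168.1.0/24", "192.168.0.1"),
             ("192.168.2.0/24", "192.168.0.2"), ("192.168.3.0/24", "192.168.0.3")],
    "router1": edge("192.168.1.0/24"),
    "router2": edge("192.168.2.0/24"),
    "router3": edge("192.168.3.0/24"),
}
# Which router answers on each next-hop address.
OWNER = {"192.168.0.254": "main", "192.168.0.1": "router1",
         "192.168.0.2": "router2", "192.168.0.3": "router3"}

def lookup(table, dst):
    """Longest-prefix match: returns (network, next_hop), or None if no route."""
    addr = ip.ip_address(dst)
    hits = [(ip.ip_network(p), nh) for p, nh in table if addr in ip.ip_network(p)]
    return max(hits, key=lambda h: h[0].prefixlen, default=None)

def trace(start, dst, max_hops=8):
    """Routers a packet visits from `start` until one delivers it on-link."""
    path, router = [start], start
    for _ in range(max_hops):
        hit = lookup(TABLES[router], dst)
        if hit is None:
            raise LookupError(f"{router} has no route to {dst}")
        if hit[1] is None:          # directly connected: deliver locally
            return path
        router = OWNER[hit[1]]
        path.append(router)
    raise RuntimeError("routing loop")

def is_onlink(iface, dst):
    """True if a host configured with `iface` would send to `dst` without a router."""
    return ip.ip_address(dst) in ip.ip_interface(iface).network

def overlapping_interfaces(ifaces):
    """Pairs of interfaces on one device whose connected networks overlap."""
    nets = {name: ip.ip_interface(a).network for name, a in ifaces.items()}
    names = sorted(nets)
    return [(a, b) for i, a in enumerate(names) for b in names[i + 1:]
            if nets[a].overlaps(nets[b])]

if __name__ == "__main__":
    print(trace("router3", "192.168.1.10"))
    print(is_onlink("192.168.0.50/16", "192.168.1.10"))
    print(overlapping_interfaces({"lan": "192.168.1.1/24", "wan": "192.168.1.2/16"}))
```
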